Netgear Exploit Found in 31 Models Lets Hackers Turn Your Router Into a Botnet

An anonymous reader shares a report: You might want to upgrade the firmware of your router if it happens to sport the Netgear brand. Researchers have discovered a severe security hole that potentially puts hundreds of thousands of Netgear devices at risk. Disclosed by cybersecurity firm Trustwave, the vulnerability essentially allows attackers to exploit the router's password recovery system to bypass authentication and hijack admin credentials, giving them full access to the device and its settings. What is particularly alarming is that the bug affects at least 31 different Netgear models, with the total magnitude of the vulnerability potentially leaving over a million users open to attacks. Even more unsettling is the fact that affected devices could in certain cases be breached remotely. As Trustwave researcher Simon Kenin explains, any router that has the remote management option switched on is ultimately vulnerable to hacks.

Have we patched the last vulnerability yet?

FFS, it wasn't long ago that a basic security vulnerability left 300+ million people vulnerable to attack, simply by hacking their election, both emails and the registration servers, attackers were able to insert in a bright orange trojan into office.

Have we patched that yet? Because an exploit for that is out in the wild wreaking havoc on basic security.

The virus attack package it carries lets an impersonation attack happen, it appears to be a real, except it doesn't obey any laws and seizing control of the network by seeding other devices with trojan rootkits under its control.

The malware originates from known Russian hackers.